Sender Policy Framework (SPF) is a system implemented by most email service providers that helps to reduce Electronic Mail (email) “spam” that is forged by a malicious system or entity. At a high level, SPF allows an administrator for a DNS domain (eg: example.com) to authorize a set of servers to send email on behalf of the domain. The authorization is most commonly based on the Internet Protocol (IP) address of the server that is sending the email. Full details of the SPF process can be found in RFC 4408 (https://tools.ietf.org/html/rfc4408) and RFC 7208 (https://tools.ietforg/html/rfc7208).
As more companies outsource email related functionality to 3rd party providers, it is important for the administrators for these companies to authorize the 3rd parties to send email on their behalf. For example, a company may want a bulk mail service provider such as MAILCHIMP to send email on the company's behalf. To do this, the company will “include” an SPF record from MAILCHIMP or any other service provider they use.
For example, the following record will authorized Google and Mailchimp to send email on behalf of example.com. example.com 60 IN TXT “v=spf1 include:_spf.google.com include:spf.mailchimp.com ˜all”
Each included record is recursively searched for more records until they all are resolved to specific IP address ranges. This recursive lookup can cause problems, and is the subject of the invention presented in this patent filing. The SPF RFCs define a hard limit of 10 recursive lookups, after which, an SPF check will fail. A failed SPF check can have a detrimental effect on deliverability of email and cause messages to be outright rejected or placed into a junk mail folder.